Fix off-by-one in P_MAX and A_MAX

Spotted by @Yawning, thanks!

Fixes #45

draft-irtf-cfrg-aegis-aead.md

@@ -359,10 +359,10 @@ AEGIS-128L has a 1024-bit state, made of eight 128-bit blocks `{S0, ...S7}`.
 The parameters for this algorithm, whose meaning is defined in {{!RFC5116, Section 4}} are:
 
 - `K_LEN` (key length) is 16 bytes (128 bits).
-- `P_MAX` (maximum length of the plaintext) is 2<sup>61</sup> bytes (2<sup>64</sup> bits).
-- `A_MAX` (maximum length of the associated data) is 2<sup>61</sup> bytes (2<sup>64</sup> bits).
+- `P_MAX` (maximum length of the plaintext) is 2<sup>61</sup> - 1 bytes (2<sup>64</sup> - 8 bits).
+- `A_MAX` (maximum length of the associated data) is 2<sup>61</sup> - 1 bytes (2<sup>64</sup> - 8 bits).
 - `N_MIN` (minimum nonce length) = `N_MAX` (maximum nonce length) = 16 bytes (128 bits).
-- `C_MAX` (maximum ciphertext length) = `P_MAX` + tag length = 2<sup>61</sup> + 16 or 32 bytes (2<sup>64</sup> + 128 or 256 bits).
+- `C_MAX` (maximum ciphertext length) = `P_MAX` + tag length = (2<sup>61</sup> - 1) + 16 or 32 bytes ((2<sup>64</sup> - 8) + 128 or 256 bits).
 
 Distinct associated data inputs, as described in {{!RFC5116, Section 3}} shall be unambiguously encoded as a single input.
 It is up to the application to create a structure in the associated data input if needed.